Does your organization provide privacy or other security training to employees using an internal or external resource? How often do employees need to attend either of the two training types?
Sort By:
Oldest
Director Certifications in Education5 years ago
Best practices would be to provide security awareness training annually, which will include privacy data awareness and protection. Many organizations would have outside experts provide this training. However, well run organizations (generally big financials or Pharma) would have internal trainers provide this type of training. Organizations must design their systems with layered protections to minimize the internal threat, such as strict access controls on sensitive data.Group Chief Information Officer in Construction5 years ago
We do have a -Weekly security awareness email ( one topic per month)
-Monthly security magazine and
- Quarterly security assessment (sending fishing email and measuring the responses )
-We also run online special trainings for finance, commercial and IT groups
CEO in Manufacturing3 years ago
We use KnowBe4 training. Employees are phish tested every month and sent to remedial training if they fall for a test. They also do regular training every six months.Chief Privacy Officer in Finance (non-banking)7 months ago
We are delivering an all-employee privacy training (as a module of a Infosec/privacy combined training). This is online and built internally. There are couple of commun slides to remind the principles, and we select a theme for the year (incident management, data minimization, AI, etc...)This is annual and mandatory.
We also deliver thematic trainings (internally built) to employees working with sensitive data, and finally we are offering on-demand trainings (using OT learning platform)